I'm trying to publish an Exchange 2000 server behind an ISA server 2004 using SSL.
I have configured everything including the certificates as per this article:
However I am unable to get the hosts file entry on the ISA server to work correctly. The article recommends this entry and the reason for this is:
"The ISA firewall must be able to resolve the name used by remote users connecting to the OWA site through the ISA firewall to the IP address of the OWA site on the corporate network. The ISA firewall must NOT resolve this name to the IP address on the external interface of the ISA firewall."
For some reason my hosts file is being ignored and the ISA server is resolving the OWA URL to the IP associated with the external adapter, not the internal exchange server that I have specified in the hosts file. Pinging the OWA URL from the ISA console resolves and replies from the ISA's external interface. OWA is working correctly internally. Externally entering the OWA URL into a browser gives me a warning about a certificate from an currently untrusted source (which I would anticipate) and then when I choose to continue returns the error:
Error Code: 500 Internal Server Error. Internet Control Message Protocol (ICMP) network is unreachable. For more information about this event, see ISA Server Help
I'm not sure if this could be a factor; but the ISA's external adapter is attached to a cable modem, and it has to obtain its IP address from the cable modem automatically. However the ip address, gateway and other information the modem hand out always remain the same.
I realise that this is an unusal setup, but this an ISP limitation with their static IP service.
Regardless, ISA has been functioning correctly using this configuration and is supporting several VPN tunnels and other publishing rules without issue.
ISA Server 2004 running on Windows 2003
Exchange 2000 Running on Windows 2000 SP4
Please can anyone help?
thanks in advance.